Regenerating keys

You can regenerate your SSL keys with a new passphrase.

This task presumes that you have already generated a set of SSL keys and now want to regenerate them with a different passphrase.

When generating key certificates, keep in mind that you cannot generate a new set of keys if a previous set already exists. If you attempt to do so, the generate_ssl_keys utility fails with this error message: 
SSL key files already exist!

If you intend to re-push existing SSL config across your WLS cluster,
run again and add the --syncOnly flag

Exiting with error state!

In this case, you must use the following procedure.

To regenerate the SSL key certificates:

  1. Go to the $DOMAIN_HOME/<endeca_server_domain>/config/ssl directory (where endeca_server_domain is the name of your WebLogic domain for the Endeca Server).

    You can use a command prompt or Windows Explorer (on Windows).

  2. Delete all the certificate key files.
  3. Run the generate_ssl_keys utility, as documented in Creating SSL certificates.

    You will be specifying the new passphrase with the --sslPassphrase flag.

  4. Stop and then restart the WebLogic Admin Server.

After the server restarts, you will use the new passphrase when you run Endeca Server commands.